<?php
/* * * * *
 * File: login.php
 * Author: freighter9@gmail.com
 * Version: 0.1 (alpha testing)
 *
 * * * * * *
 * License:
 * This file is part of the PLogin project hosted at
 * http://code.google.com/p/plogin.  All files of the PLogin
 * project are licensed under the GNU General Public License 2.0.
 *
 * * * * *
 * Usage:
 * This script handles user account logins.  It reads post
 * data from login_form.html and compares entered information
 * with the information stored in passwd.php.
 *
 * * * * *
 */

// Check to see if user is already logged in:
session_start();
if ($_SESSION['loggedIn'] == 1) {
	echo 'You are already logged in as ' . $_SESSION['user'];
	exit();
}

$username = $_POST['username'];
$rawpass = $_POST['password'];
$password = crypt(md5($rawpass), md5($username));

$file = "passwd.php";
$fp = fopen($file, 'r');
$fileData = fread($fp, filesize($file));
fclose($fp);

$line = explode("\n", $fileData);

$i = 1;
while ($i <= sizeof($line)) {
	$dataPair = explode(':', $line[$i]);
	if ($dataPair[0] == $username && $dataPair[1] == $password) {
		$authed = 1;
	}
	$i++;
}

if ($authed == 1) {
	$_SESSION['loggedIn'] = 1;
	$_SESSION['user'] = $username;
	echo 'You are logged in as ' . $_SESSION['user'] . '.'<br>;
	echo 'Go back to the <a href="index.html">home page</a>';
}
else {
	echo 'Wrong username/password<br>';
	echo 'Trye <a href="login_form.html">logging in</a> again.';
}
?>
